https://blog.destinyoo.com/Cheetsheets/Destinys-Ultimate-Cheetsheet/ 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Cheetsheets/ 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/HackTheBox.com---Machines/Active---HackTheBox.com 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/HackTheBox.com---Machines/Administrator---HackTheBox.com 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/HackTheBox.com---Machines/Cap---HackTheBox.com 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/HackTheBox.com---Machines/Escape---HackTheBox.com 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/HackTheBox.com---Machines/EscapeTwo---HackTheBox.com 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/HackTheBox.com---Machines/Forest---HackTheBox.com 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/HackTheBox.com---Machines/Haze---HackTheBox.com 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/HackTheBox.com---Machines/Manager---HackTheBox.com 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/HackTheBox.com---Machines/Monteverde---HackTheBox.com 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/HackTheBox.com---Machines/OpenAdmin---HackTheBox.com 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/HackTheBox.com---Machines/Outdated---HackTheBox.com 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/HackTheBox.com---Machines/Scrambled---HackTheBox.com 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/HackTheBox.com---Machines/Timelapse---HackTheBox.com 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Legion-OffSec/Legion-SS-EP03-Lab 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Access-Control/Lab---Insecure-direct-object-references 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Access-Control/Lab---Method-based-access-control-can-be-circumvented 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Access-Control/Lab---Multi-step-process-with-no-access-control-on-one-step 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Access-Control/Lab---Referer-based-access-control 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Access-Control/Lab---URL-based-access-control-can-be-circumvented 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Access-Control/Lab---Unprotected-admin-functionality-with-unpredictable-URL 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Access-Control/Lab---Unprotected-admin-functionality 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Access-Control/Lab---User-ID-controlled-by-request-parameter-with-data-leakage-in-redirect 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Access-Control/Lab---User-ID-controlled-by-request-parameter-with-password-disclosure 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Access-Control/Lab---User-ID-controlled-by-request-parameter,-with-unpredictable-user-IDs 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Access-Control/Lab---User-ID-controlled-by-request-parameter 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Access-Control/Lab---User-role-can-be-modified-in-user-profile 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Access-Control/Lab---User-role-controlled-by-request-parameter 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Access-Control/ 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Authentication-Vulnerabilities/Lab---2FA-broken-logic 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Authentication-Vulnerabilities/Lab---2FA-simple-bypass 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Authentication-Vulnerabilities/Lab---Broken-brute-force-protection,-IP-block 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Authentication-Vulnerabilities/Lab---Broken-brute-force-protection,-multiple-credentials-per-request 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Authentication-Vulnerabilities/Lab---Brute-forcing-a-stay-logged-in-cookie 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Authentication-Vulnerabilities/Lab---Offline-password-cracking 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Authentication-Vulnerabilities/Lab---Password-brute-force-via-password-change 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Authentication-Vulnerabilities/Lab---Password-reset-broken-logic 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Authentication-Vulnerabilities/Lab---Password-reset-poisoning-via-middleware 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Authentication-Vulnerabilities/Lab---Username-enumeration-via-account-lock 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Authentication-Vulnerabilities/Lab---Username-enumeration-via-different-responses 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Authentication-Vulnerabilities/Lab---Username-enumeration-via-response-timing 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Authentication-Vulnerabilities/Lab---Username-enumeration-via-subtly-different-responses 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Authentication-Vulnerabilities/ 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/CSRF/Lab---CSRF-vulnerability-with-no-defenses 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/CSRF/Lab---CSRF-where-token-validation-depends-on-request-method 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Command-Injection/Lab---OS-command-injection,-simple-case 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Essential-Skills/Lab---Discovering-vulnerabilities-quickly-with-targeted-scanning 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/File-Upload-Vulnerabilities/Lab---Remote-code-execution-via-polyglot-web-shell-upload 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/File-Upload-Vulnerabilities/Lab---Remote-code-execution-via-web-shell-upload 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/File-Upload-Vulnerabilities/Lab---Web-shell-upload-via-Content-Type-restriction-bypass 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/File-Upload-Vulnerabilities/Lab---Web-shell-upload-via-extension-blacklist-bypass 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/File-Upload-Vulnerabilities/Lab---Web-shell-upload-via-obfuscated-file-extension 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/File-Upload-Vulnerabilities/Lab---Web-shell-upload-via-path-traversal 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Host-Header-Attacks/Lab---Host-header-authentication-bypass 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Host-Header-Attacks/Lab---Web-cache-poisoning-via-ambiguous-requests 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/JWT-Vulnerabilities/Lab---JWT-authentication-bypass-via-unverified-signature 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Path-Traversal/Lab---File-path-traversal,-simple-case 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Path-Traversal/Lab---File-path-traversal,-traversal-sequences-blocked-with-absolute-path-bypass 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Path-Traversal/Lab---File-path-traversal,-traversal-sequences-stripped-non-recursively 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Path-Traversal/Lab---File-path-traversal,-traversal-sequences-stripped-with-superfluous-URL-decode 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Path-Traversal/Lab---File-path-traversal,-validation-of-file-extension-with-null-byte-bypass 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Path-Traversal/Lab---File-path-traversal,-validation-of-start-of-path 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/Path-Traversal/ 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/SQL-Injection/Lab---Blind-SQL-injection-with-conditional-errors 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/SQL-Injection/Lab---Blind-SQL-injection-with-conditional-responses 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/SQL-Injection/Lab---Blind-SQL-injection-with-out-of-band-data-exfiltration 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/SQL-Injection/Lab---Blind-SQL-injection-with-out-of-band-interaction 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/SQL-Injection/Lab---Blind-SQL-injection-with-time-delays 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/SQL-Injection/Lab---SQL-injection-UNION-attack,-determining-the-number-of-columns-returned-by-the-query 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/SQL-Injection/Lab---SQL-injection-UNION-attack,-finding-a-column-containing-text 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/SQL-Injection/Lab---SQL-injection-UNION-attack,-retrieving-multiple-values-in-a-single-column 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/SQL-Injection/Lab---SQL-injection-attack,-listing-the-database-contents-on-Oracle 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/SQL-Injection/Lab---SQL-injection-attack,-listing-the-database-contents-on-non-Oracle-databases 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/SQL-Injection/Lab---SQL-injection-attack,-querying-the-database-type-and-version-on-MySQL-and-Microsoft 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/SQL-Injection/Lab---SQL-injection-attack,-querying-the-database-type-and-version-on-Oracle 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/SQL-Injection/Lab---SQL-injection-vulnerability-allowing-login-bypass 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/SQL-Injection/Lab---SQL-injection-vulnerability-in-WHERE-clause-allowing-retrieval-of-hidden-data 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/SQL-Injection/Lab---SQL-injection-with-filter-bypass-via-XML-encoding 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/SQL-Injection/Lab---Visible-error-based-SQL-injection 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/SQL-Injection/ 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/SSRF/Lab---Basic-SSRF-against-another-back-end-system 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/SSRF/Lab---Basic-SSRF-against-the-local-server 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/SSRF/Lab---Blind-SSRF-with-out-of-band-detection 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/SSRF/Lab---SSRF-with-blacklist-based-input-filter 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/SSRF/Lab---SSRF-with-filter-bypass-via-open-redirection-vulnerability 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/SSRF/Lab---SSRF-with-whitelist-based-input-filter 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/SSRF/ 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/SSTI/Lab---Basic-server-side-template-injection-(code-context) 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/SSTI/Lab---Basic-server-side-template-injection 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/SSTI/Lab---Server-side-template-injection-in-an-unknown-language-with-a-documented-exploit 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/SSTI/Lab---Server-side-template-injection-using-documentation 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/SSTI/Lab---Server-side-template-injection-with-information-disclosure-via-user-supplied-objects 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/XXE/Lab---Blind-XXE-with-out-of-band-interaction-via-XML-parameter-entities 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/XXE/Lab---Blind-XXE-with-out-of-band-interaction 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/XXE/Lab---Exploiting-XXE-to-perform-SSRF-attacks 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/XXE/Lab---Exploiting-XXE-using-external-entities-to-retrieve-files 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Portswigger-Academy-Labs/XXE/Lab---Exploiting-blind-XXE-to-exfiltrate-data-using-a-malicious-external-DTD 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Resources/AD-BloodHound/ 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Resources/Basic-Pentesting/Nmap 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Resources/Basic-Pentesting/Tpot-Honeypot 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Resources/ 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Vulnlab.com---Chains/Heron---Vulnlab.com 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Vulnlab.com---Chains/Hybrid---Vulnlab.com 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Vulnlab.com---Chains/Lustrous---Vulnlab.com 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Vulnlab.com---Chains/Reflection---Vulnlab.com 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Vulnlab.com---Chains/Tea---Vulnlab.com 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Vulnlab.com---Chains/Tengu---Vulnlab.com 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Vulnlab.com---Machines/Baby---Vulnlab.com 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Vulnlab.com---Machines/Baby2---Vulnlab.com 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Vulnlab.com---Machines/Breach---Vulnlab.com 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Vulnlab.com---Machines/Cicada---Vulnlab.com 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Vulnlab.com---Machines/Escape---Vulnlab.com 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Vulnlab.com---Machines/Job---Vulnlab.com 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Vulnlab.com---Machines/Lock---Vulnlab.com 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Vulnlab.com---Machines/Phantom---Vulnlab.com 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Vulnlab.com---Machines/Retro---Vulnlab.com 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Vulnlab.com---Machines/Retro2---Vulnlab.com 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Vulnlab.com---Machines/Sendai---Vulnlab.com 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Vulnlab.com---Machines/Sweep---Vulnlab.com 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Writeups/Portswigger/ 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/Writeups/ 2026-03-09T20:43:10.000Z https://blog.destinyoo.com/ 2026-03-09T20:43:10.000Z